mirror of
https://github.com/systemd/systemd.git
synced 2024-11-23 18:23:32 +08:00
2aba77057e
Before this patch the only way to prevent journald from reading the audit messages was to mask systemd-journald-audit.socket. However this had main drawback that downstream couldn't ship the socket disabled by default (beside the fact that masking units is not supposed to be the usual way to disable them). Fixes #15777
27 lines
724 B
SYSTEMD
27 lines
724 B
SYSTEMD
# SPDX-License-Identifier: LGPL-2.1-or-later
|
|
#
|
|
# This file is part of systemd.
|
|
#
|
|
# systemd is free software; you can redistribute it and/or modify it
|
|
# under the terms of the GNU Lesser General Public License as published by
|
|
# the Free Software Foundation; either version 2.1 of the License, or
|
|
# (at your option) any later version.
|
|
|
|
[Unit]
|
|
Description=Journal Audit Socket
|
|
Documentation=man:systemd-journald.service(8) man:journald.conf(5)
|
|
DefaultDependencies=no
|
|
Before=sockets.target
|
|
ConditionSecurity=audit
|
|
ConditionCapability=CAP_AUDIT_READ
|
|
|
|
[Socket]
|
|
Service=systemd-journald.service
|
|
ReceiveBuffer=128M
|
|
ListenNetlink=audit 1
|
|
PassCredentials=yes
|
|
|
|
[Install]
|
|
WantedBy=sockets.target
|
|
WantedBy=systemd-journald.service
|